Beruflich Dokumente
Kultur Dokumente
An independent study by
Quocirca Ltd.
www.quocirca.com
Addressing a growing problem—IPAM Page 2
CONTENTS
1. INTRODUCTION ........................................................................................................................................................................ 3
2. AN INTRODUCTION TO IPAM ............................................................................................................................................... 3
3. WHY SHOULD WE CARE ABOUT IPAM NOW?................................................................................................................. 3
4. FOR MANY, IPAM IS A GROWING MANAGEMENT HEADACHE................................................................................. 4
5. AUTOMATING THE IPAM PROCESS ................................................................................................................................... 5
6. THE BENEFITS OF IPAM ........................................................................................................................................................ 5
7. CONCLUSION ............................................................................................................................................................................ 6
ABOUT BLUECAT NETWORKS ..................................................................................................................................................... 7
ABOUT QUOCIRCA .......................................................................................................................................................................... 8
By the end of 2008, around 1.5 IPAM is the allocation, classification and tracking of
billion individuals around the all IP addresses in use by a given organisation, and can
world will have internet access. also be used to manage other closely related
In November 2007, mobile technologies. These include domain name system
phone users numbered 3.3 (DNS) servers, which are used to locate and translate
billion, with a growing domain names into IP addresses, serving as the glue
proportion of those mobile that connects a network infrastructure with business
devices enabled for internet applications, and dynamic host configuration protocol
access. Each device accessing (DHCP) servers. DCHP is used for assigning addresses
the internet has its own Internet on the fly to devices such as printers, laptops and other
Protocol (IP) address associated with it, allowing it to mobile IP-connected devices and for associating where
be uniquely identified. the device is in the network. IPAM, DNS and DHCP
are often neglected by IT management, but they
In computing terms, a protocol is a set of rules provide crucial services with regard to the availability,
governing the exchange or transmission of data accessibility, performance and security of network
between devices. IP is a protocol for sending data from applications.
one computational device to another on the internet,
other public networks, or even internal private With their centralised architecture and management
networks. Each IP address needs to be unique so that capabilities, IPAM systems can be used more
the network knows where to send packets of efficiently to manage not only IP addresses, but also
information. According to the Internet Engineering naming conventions used in the organisation and the
Task Force (IETF), the role of an IP address is as DNS and DHCP servers in order to provide highly
follows: “A name indicates what we seek; an address available DNS and DHCP network services. If DNS
indicates where it is; a route indicates how to get and DHCP servers are not correctly managed, a failure
there.” of the DNS server would lead to domain names not
being mapped to IP addresses and network clients not
As the use of computational devices is growing mapping to servers. For example, email systems
exponentially, the number of IP addresses required require DNS in order to determine where the mail is to
expands likewise. For a large organisation with tens of be sent. If the DNS service fails, this will result in loss
thousands of employees, this can mean that its IP of email services as well.
address list could outstrip the largest of phone books.
Even a small organisation can find itself managing
hundreds, if not thousands, of IP addresses.
3. Why should we care about
Because of this, the administration of huge pools of IP
addresses has become a headache for many
IPAM now?
organisations, with poor management leading to the
risk of unknown or unaccounted-for IP addresses
Until recently, the need for effective management of IP
connecting to the network. This could lead to poor
addresses was mostly confined to larger organisations
visibility over which host computers and devices have
with thousands, or tens of thousands, of network users
inbound or outbound connectivity to the network, such
that had to be provisioned, leaving IT resources
as open links to former employees or business partners
struggling to ensure that the IP address was managed
that could be compromised.
correctly and efficiently. However, one key factor that
By automating the management of IP addresses, is making efficient management of IP address
companies can improve their security posture whilst allocation a pressing concern for all businesses today,
gaining greater control of network assets. Faced with even small ones, is the proliferation of IP-connected
the imperative of cost cutting in today’s challenging devices, in particular mobile phones. By some
economic environment, organisations are tasked with estimates, around 250 million of all mobile phones that
optimising the infrastructure that they already have in will be shipped in 2009 will be IP-enabled smart
place, looking at ways to trim unnecessary expenditure phones that offer internet connectivity along with a
and utilise existing resources more effectively. host of other services, and Yahoo! estimates that more
users will access the internet via mobile devices than
This paper aims to show how organisations can use IP
fixed computers by 2016.
Address Management (IPAM) tools to regain control
of their IP networks and show the benefits that they Many of these will be used to access a given
can achieve in doing this. organisation’s internal network for business purposes,
such as for checking work schedules or remotely
clocking in to work.
As well as mobile devices, a host of other devices in but it cannot put off the imperative to move to IPv6
use in organisations, such as physical access control indefinitely.
systems, building automation systems, cash registers
To address this problem, IPv6 was developed in 1996,
and many industrial devices, are increasingly being IP-
potentially providing 340 trillion, trillion, trillion IP
enabled and made accessible over the network. Voice
addresses, which will be allocated in far larger blocks
over IP (VoIP) phones are also coming into greater use
than IPv4. The reason why IPv6 can provide so many
in businesses, owing to the reduced cost of
unique address combinations is that the range of
communications that they offer by routing calls over IP
numbers available to define each address is
networks, and usage is set to increase dramatically.
substantially larger with 128 bits than with 32. IPv6
Another technology that is increasing the number of IP addresses also use the base-16 hexadecimal numbering
addresses that need to be managed is Radio Frequency system that combines the use of numbers and letters,
Identification (RFID), which offers opportunities for rather than just numbers as in IPv4. This makes it even
streamlining supply chains, security tracking and other more of a management headache if IP address
monitoring. Finally there is also an increased use of allocation is handled manually, especially given the
virtualisation, which reduces resource and hardware potential for human error.
usage, but expands the number of IP addresses for each
To date, the switch from IPv4 to IPv6 has been a low
virtual machine in use.
priority—especially since not all technology
manufacturers have embraced IPv6 until recently.
However, that will change fast as it enjoys more
4. For many, IPAM is a growing widespread support and as governments worldwide
management headache start to push for a migration to IPv6. The EU set a
target in May 2008 of getting 25% of EU industry,
public sector organisations and households to use IPv6
Given the rise not just in computer usage, but in the by 2010, saying that the explosion in use of electronic
growing number of devices and applications that need devices will lead to a thousand-fold increase in the
to be provisioned with an IP address in order to number of IP addresses. It is considering making IPv6
connect to networks, the number of IP addresses in use a condition of acceptance in public sector procurement
is spiralling and it is now common for most computer contracts. The US government mandated the use of
users to have multiple IP addresses associated with IPv6 by all its contractors in mid-2008 and many other
them. Even in a small company with just a hundred governments, including the Japanese and Chinese, are
employees, the use of technologies such as VoIP and actively encouraging the rollout of public IPv6
mobile devices can mean that they now have hundreds networks.
of IP addresses to manage.
However, many organisations attempt to manage Table: The key drivers for IPAM
allocation of these IP addresses by using spreadsheets
or databases, which can be too easily or accidentally Exploding use of mobile devices for accessing
modified or contain errors. Management by networks
spreadsheet is error prone. According to studies cited
Fast expanding use of IP-enabled devices and
by the European Spreadsheet Risks Interest Group,
applications, including RFID tags and virtual
90% of spreadsheets contain errors. But the problem is
devices
only going to get worse because the current IP address
system—IPv4—that was put in place in 1977 is Conversion to IPv6—the requirement to manage
running out of available addresses. IPv4 uses a 32-bit much larger addresses
string for each address, giving just under 4.3 billion
Need for reconciling IP usage with corporate
possible unique address combinations. However, the
policies and governance requirements
clock is ticking. By October 2007, it was estimated that
83% of all available IPv4 addresses had been allocated Increased productivity of workflow and processes
and, in September 2008, the China Internet Network associated with manual IPAM
Information Centre estimated that it had only 830
days’ worth of IPv4 resources left. Auditing of and reporting on all IP usage on the
network for greater visibility and control
One solution often used to tackle address space
limitations is network address translation (NAT). NAT
is the translation of an IP address used in one network
to one used in another. It allows an organisation to map
its local network addresses to one or more external IP
addresses. This reduces the need for a large number of
publicly known IP addresses by creating a separation
between publicly known and privately known
addresses. NAT is a useful way to insulate internal
networks and has extended the use of IPv4 addresses
BlueCat Networks, the IPAM Intelligence Company™, is a privately held profitable and rapidly growing leading
provider of enterprise-class IP Address Management (IPAM) platforms and secure DNS/DHCP network administration
appliances. Today, many thousands of BlueCat’s award-winning Proteus™ IPAM platforms and Adonis™ family of
DNS/DHCP appliances have been successfully deployed to meet the rising IP management demands of small/medium
enterprises, government, military, financial services, insurance, educational, retail and manufacturing organisations in
over 32 countries. Over 300 of the global Fortune 1000 firms—including government classified and unclassified
networks—rely on BlueCat to secure their networks.
BlueCat differentiates itself from the competition with its ongoing commitment to developing the most advanced IP
Address Management solutions that deliver a benchmark-setting network experience for customers that is based on
efficiency, reliability, and workflow. We listen to our customers to design and deliver the solution they need, while our
professional services team is available to deliver expert onsite service for the completion of a successful deployment.
Our exceptional dedication to client care makes BlueCat the industry leader of choice. With over 120 full-time staff,
BlueCat provides world-class, end-to-end DNS/DHCP and IPAM solutions.
BlueCat has headquarters in Toronto, Ontario, Canada and regional offices established in 8 cities as well as in Germany
and the UK. BlueCat’s handpicked strategic partners further extend its global footprint throughout Europe, the Middle
East and Asia Pacific.
Contact:
Branko Miskov
Director, Product Management
BlueCat Networks Inc.
North America
Phone: +1.416.646.8398
Email: bmiskov@bluecatnetworks.com
About Quocirca
Quocirca is a primary research and analysis company specialising in the business impact of information technology and
communications (ITC). With world-wide, native language reach, Quocirca provides in-depth insights into the views of
buyers and influencers in large, mid-sized and small organisations. Its analyst team is made up of real-world
practitioners with firsthand experience of ITC delivery who continuously research and track the industry in the
following key areas:
Business process evolution and enablement
Enterprise solutions and integration
Business intelligence and reporting
Communications, collaboration and mobility
Infrastructure and IT systems management
Systems security and end-point management
Utility computing and delivery of IT as a service
Sustainability and environmental issues
IT delivery channels and practices
IT investment activity, behaviour and planning
Public sector technology adoption and issues
Integrated print management
Through researching perceptions, Quocirca uncovers the real hurdles to technology adoption—the personal and
political aspects of an organisation’s environment and the pressures of the need for demonstrable business value in any
implementation. This capability to uncover and report back on the end-user perceptions in the market enables Quocirca
to advise on the realities of technology adoption, not the promises.
Quocirca research is always pragmatic, business orientated and conducted in the context of the bigger picture. ITC has
the ability to transform businesses and the processes that drive them, but often fails to do so. Quocirca’s mission is to
help organisations improve their success rate in process enablement through better levels of understanding and the
adoption of the correct technologies at the correct time.
Quocirca has a pro-active primary research programme, regularly surveying users, purchasers and resellers of ITC
products and services on emerging, evolving and maturing technologies. Over time, Quocirca has built a picture of long
term investment trends, providing invaluable information for the whole of the ITC community.
Quocirca works with global and local providers of ITC products and services to help them deliver on the promise that
ITC holds for business. Quocirca’s clients include Oracle, Microsoft, HP, IBM, T-Mobile, Xerox, Vodafone, EMC,
Symantec and Cisco, along with other large and medium sized vendors, service providers and more specialist firms.
Sponsorship of specific studies by such organisations allows much of Quocirca’s research to be placed into the public
domain at no cost. Quocirca’s reach is great—through a network of media partners, Quocirca publishes its research to a
possible audience measured in the millions.
Quocirca’s independent culture and the real-world experience of Quocirca’s analysts ensure that our research and
analysis is always objective, accurate, actionable and challenging.
Quocirca reports are freely available to everyone and may be requested via www.quocirca.com.
Contact:
Quocirca Ltd
Mountbatten House
Fairacres
Windsor
Berkshire
SL4 4LE
United Kingdom
Tel +44 1753 754 838